Sub-processor list
Live list of third parties that PrimeStay engages to process personal data on behalf of clients.
Version 3.1 · Last updated: 17.05.2026
Layer abbreviations: Layer A = Marketing site (primestay.rs), Layer B = SaaS Web Application (app.primestay.rs), Layer C = Mobile apps (iOS/Android), Layer D = Managed Service.
Active sub-processors
| Provider | Role | Layer | Location | Transfer legal basis |
|---|---|---|---|---|
| Hetzner Online GmbH | VPS hosting (PostgreSQL, API, GeoIP DB) | A, B, C, D | Germany (EU) | DPA — processing within the EU |
| Paddle.com Market Ltd | Separate controller (Merchant of Record for billing — NOT our sub-processor; listed for transparency) | B, C | UK / EU | Paddle Data Sharing Addendum (Art. 26) + UK adequacy |
| Resend, Inc. | Transactional email (verification, reset, notifications, support) | A, B, C, D | EU + US | DPA + SCC 2021/914 |
| Google LLC — Firebase Cloud Messaging | Push notifications (Android primarily, iOS via APNs proxy) | C | US | Google Cloud DPA + SCC |
| Apple Inc. — APNs | iOS push delivery | C | US | Apple Developer Agreement + SCC |
| Apple App Store / Google Play | Mobile app distribution | C | US | Platform agreements + SCC |
| MaxMind, Inc. | Distribution of GeoLite2-City .mmdb file — no runtime calls with user data | B, C | US — file download only | Static data file (IP never goes to MaxMind) |
| Functional Software, Inc. (Sentry) | Backend error tracking + 10% performance traces (server-side; userId-only, no email, no IP) | B, C (server-side) | EU (de.sentry.io) | DPA — processing within the EU, no SCC overhead |
| Google LLC — Analytics 4 (G-8Z2TTGP38Z) | Marketing site analytics (only after consent via Cookie Banner) | A only | US | Art. 49(1)(a) consent + SCC |
| Google LLC — Google Ads (AW-3967715400) | Conversion tracking (only after consent) | A only | US | Art. 49(1)(a) consent + SCC |
| PrimeStay team — internal (managed service contractors) | Guest communication, cleaning, maintenance, check-in | D only | EU (Belgrade) | Art. 6(1)(b) contract with Owner (PMA) |
OTA sub-processors (Layer D — Managed Service only)
| Provider | Role | Layer | Location | Transfer legal basis |
|---|---|---|---|---|
| Airbnb Ireland UC | OTA listing + guest communication | D only | Ireland (EU) | Airbnb Terms of Service |
| Booking.com B.V. | OTA listing + guest communication | D only | Netherlands (EU) | Booking Terms of Service |
What is NOT a sub-processor (negative list)
- — Facebook / Meta (no Pixel, no Conversion API)
- — TikTok / LinkedIn / X (Twitter) — no tracking pixels
- — Mixpanel / Amplitude / Segment / Heap / PostHog
- — Crashlytics / Datadog RUM (no FE crash / APM tracker in either mobile or web app). Note: Sentry is used SERVER-SIDE only for backend error tracking — see the active list above.
- — Hotjar / Microsoft Clarity / FullStory / Mouseflow
- — AppsFlyer / Branch / Adjust (mobile attribution SDKs)
- — Stripe / Square / other MoR besides Paddle
- — AWS / Azure / GCP (no workloads there; everything is on Hetzner)
- — Cloudflare (not currently in front, direct Hetzner edge)
Sub-processor obligations
PrimeStay concludes with each sub-processor an agreement with at least the same level of protection as in our DPA towards clients: purpose limitation, confidentiality, Art. 32 GDPR security measures, cooperation on privacy requests and breach notification. PrimeStay remains fully liable to the Client for each sub-processor's performance.
Change notifications: Clients are notified by email at least 30 days before the introduction of a new sub-processor that processes your personal data. To subscribe: support@primestay.rs with subject "Sub-processor notifications".